tornado-packages/tornado-trees
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

add hash range check

Browse Source
This commit is contained in:
poma 2021-02-24 13:39:14 +03:00
parent 06244af218
commit 93dd5d5e86
No known key found for this signature in database
GPG Key ID: BA20CB01FE165657
1 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
circuits/Utils.circom
View File

@ -14,6 +14,7 @@ template TreeUpdateArgsHasher(nLeaves) {
var bitsPerLeaf = 160 + 256 + 32; var bitsPerLeaf = 160 + 256 + 32;
component hasher = Sha256(header + nLeaves * bitsPerLeaf); component hasher = Sha256(header + nLeaves * bitsPerLeaf);
// the range check on old root is optional, it's enforced by smart contract anyway
component bitsOldRoot = Num2Bits_strict(); component bitsOldRoot = Num2Bits_strict();
component bitsNewRoot = Num2Bits_strict(); component bitsNewRoot = Num2Bits_strict();
component bitsPathIndices = Num2Bits(32); component bitsPathIndices = Num2Bits(32);
@ -39,14 +40,17 @@ template TreeUpdateArgsHasher(nLeaves) {
hasher.in[i + 512] <== bitsPathIndices.out[31 - i]; hasher.in[i + 512] <== bitsPathIndices.out[31 - i];
} }
for(var leaf = 0; leaf < nLeaves; leaf++) { for(var leaf = 0; leaf < nLeaves; leaf++) {
bitsHash[leaf] = Num2Bits(256); // the range check on hash is optional, it's enforced by the smart contract anyway
bitsHash[leaf] = Num2Bits_strict();
bitsInstance[leaf] = Num2Bits(160); bitsInstance[leaf] = Num2Bits(160);
bitsBlock[leaf] = Num2Bits(32); bitsBlock[leaf] = Num2Bits(32);
bitsHash[leaf].in <== hashes[leaf]; bitsHash[leaf].in <== hashes[leaf];
bitsInstance[leaf].in <== instances[leaf]; bitsInstance[leaf].in <== instances[leaf];
bitsBlock[leaf].in <== blocks[leaf]; bitsBlock[leaf].in <== blocks[leaf];
for(var i = 0; i < 256; i++) { hasher.in[header + leaf * bitsPerLeaf + 0] <== 0;
hasher.in[header + leaf * bitsPerLeaf + i] <== bitsHash[leaf].out[255 - i]; hasher.in[header + leaf * bitsPerLeaf + 1] <== 0;
for(var i = 0; i < 254; i++) {
hasher.in[header + leaf * bitsPerLeaf + i + 2] <== bitsHash[leaf].out[253 - i];
} }
for(var i = 0; i < 160; i++) { for(var i = 0; i < 160; i++) {
hasher.in[header + leaf * bitsPerLeaf + i + 256] <== bitsInstance[leaf].out[159 - i]; hasher.in[header + leaf * bitsPerLeaf + i + 256] <== bitsInstance[leaf].out[159 - i];